Thursday, 24 January 2008

ePassport - intro

Note: All the materials available and provided below are publicly available on the internet.

Introduction

A biometric passport is, in general, a passport with an RFID computer chip that stores the data necessary to uniquely identify a person. From time to time Interoperability Test Events are organized, where a number of companies present their passports and test them with various readers, discussing and analyzing the results; the most recent one took place in Berlin. Well-known suppliers of complete solutions are (among others):

The content of the chip is top-secret knowledge of any country, and the specifications for such processors (including the OS) are not publicly available. They can be split into two subsets: those that have just an OS and those that have an additional Java Virtual Machine. Some of the best-known brands are (among others):

Of course, apart from the processors you need plenty of other items, and there are a couple of other niches such as "passport reader" equipment (Omnikey, 3M, Oce), but the main trend is established by the ICAO norms - document 9303, which you must pay for.

BAC > EAC

The communication with the chip is specified by the ICAO New Technology Working Group in two standards:

Basic Access Control (BAC) - it is already working in a number of countries and is already mandatory in the EU

Extended Access Control (EAC) - it has worked only in Germany since Nov 05, but a number of countries are preparing for it, as it is planned to be obligatory from 2009 (there are still a couple of open issues in the specification).

BAC mainly specifies the fundamentals, answering the questions of where the chip should be embedded within the passport, what data should be stored in the processor (including the picture and a digital signature to detect modification - the content of the chip should stay static from verification to verification) and how the data should be passed from the chip, including the encryption mechanism based on the MRZ - the machine readable zone, which you can see in the passport as:

P<UTOERIKSSON<<ANNA<<MARIA<<<<<<<<<<

BAC is "criticized as offering too little protection from unauthorized interception"; this is because the cryptographic keys are symmetric and are based on the passport serial number, date of birth and expiry date (no infrastructure provided).

Lukas Grunwald demonstrated that it is trivial to copy the biometric certificate from an open e-passport into a standard ISO 14443 smartcard using a standard contact-less card interface and a simple file transfer tool. This is hardly surprising, given that the certificate is simply stored as a file, and had been obvious to those involved in the design of the ICAO e-passport standard throughout its development. In particular, Grunwald did not change the data held on the copied chip, which binds biometric data (e.g., photo) to identity data (e.g., name and date of birth), without invalidating its cryptographic signature, which means at present the use of this technique does not allow reprogramming of fake biometric data to match a different user. Grunwald also did not clone the Active Authentication functionality, an optional feature of the ICAO e-passport standard that some countries implement such that the embedded microprocessor is not only a floppy-disk-like data carrier for a biometric certificate, but also a tamper-resistant authentication token that can participate in a public-key cryptography based challenge-response protocol. Nevertheless, Grunwald created international media headlines with his claim that such copying of the biometric certificate constitutes the creation of a "false passport" using equipment costing around USD$200